{"id":"gotok8s-kube-apiserver","name":"kube-apiserver","af_score":56.8,"security_score":79.2,"reliability_score":52.5,"what_it_does":"kube-apiserver is the Kubernetes API server component that exposes the Kubernetes control-plane API (REST over HTTPS) used by kubectl, controllers, and other clients to manage cluster resources. It implements authentication, authorization, admission, persistence via etcd, and core admission/validation pathways.","best_when":"You are running or extending a Kubernetes cluster and need standard Kubernetes API behavior and compatibility.","avoid_when":"You need a simple single-purpose HTTP service; you should instead use domain-specific APIs or managed platforms rather than a full Kubernetes control-plane component.","last_evaluated":"2026-04-04T19:46:20.918219+00:00","has_mcp":false,"has_api":true,"auth_methods":["Bearer token authentication","Client certificate authentication (mutual TLS)","Webhook authentication (optional, Kubernetes mechanism)","Service account tokens (via Kubernetes authn)"],"has_free_tier":false,"known_gotchas":["Watch streams are long-lived; agents must handle reconnects/resync rather than expecting single responses.","Kubernetes operations may fail with transient errors (e.g., conflicts/resourceVersion) or admission rejections; safe retry conditions are non-trivial.","Authentication/authorization is cluster-specific; agents need correct service account/credential setup and permissions (RBAC).","CRDs and API discovery are dynamic; agents should use discovery endpoints or stable group/version behavior instead of hardcoding everything."],"error_quality":0.0}